Lyris List Manager 3.0/4.0 Web Interface list_admin hidden privileges management
| CVSS Meta Temp Score | Current Exploit Price (≈) | CTI Interest Score |
|---|---|---|
| 5.7 | $0-$5k | 0.00 |
Summary
A vulnerability labeled as problematic has been found in Lyris List Manager 3.0/4.0. Impacted is an unknown function of the component Web Interface. The manipulation of the argument list_admin hidden results in privileges management. This vulnerability is known as CVE-2000-0758. No exploit is available. The affected component should be upgraded.
Details
A vulnerability was found in Lyris List Manager 3.0/4.0. It has been classified as problematic. Affected is an unknown part of the component Web Interface. The manipulation of the argument list_admin hidden with an unknown input leads to a privileges management vulnerability. CWE is classifying the issue as CWE-269. The product does not properly assign, modify, track, or check privileges for an actor, creating an unintended sphere of control for that actor. This is going to have an impact on confidentiality, integrity, and availability. CVE summarizes:
The web interface for Lyris List Manager 3 and 4 allows list subscribers to obtain administrative access by modifying the value of the list_admin hidden form field.
The weakness was published 10/20/2000 by FIRST (Website). The advisory is shared for download at archives.neohapsis.com. This vulnerability is traded as CVE-2000-0758. The exploitability is told to be easy. The attack needs to be approached locally. The exploitation doesn't require any form of authentication. There are known technical details, but no exploit is available. The MITRE ATT&CK project declares the attack technique as T1068.
Upgrading eliminates this vulnerability. Attack attempts may be identified with Snort ID 2072.
The vulnerability is also documented in the vulnerability database at SecurityFocus (BID 1584†). Once again VulDB remains the best source for vulnerability data.
Product
Vendor
Name
Version
CPE 2.3
CPE 2.2
CVSSv4
VulDB Vector: 🔍VulDB Reliability: 🔍
CVSSv3
VulDB Meta Base Score: 5.9VulDB Meta Temp Score: 5.7
VulDB Base Score: 5.9
VulDB Temp Score: 5.7
VulDB Vector: 🔍
VulDB Reliability: 🔍
CVSSv2
| AV | AC | Au | C | I | A |
|---|---|---|---|---|---|
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| 💳 | 💳 | 💳 | 💳 | 💳 | 💳 |
| Vector | Complexity | Authentication | Confidentiality | Integrity | Availability |
|---|---|---|---|---|---|
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
| Unlock | Unlock | Unlock | Unlock | Unlock | Unlock |
VulDB Base Score: 🔍
VulDB Temp Score: 🔍
VulDB Reliability: 🔍
NVD Base Score: 🔍
Exploiting
Class: Privileges managementCWE: CWE-269 / CWE-266
CAPEC: 🔍
ATT&CK: 🔍
Physical: Partially
Local: Yes
Remote: No
Availability: 🔍
Status: Not defined
EPSS Score: 🔍
EPSS Percentile: 🔍
Price Prediction: 🔍
Current Price Estimation: 🔍
| 0-Day | Unlock | Unlock | Unlock | Unlock |
|---|---|---|---|---|
| Today | Unlock | Unlock | Unlock | Unlock |
Threat Intelligence
Interest: 🔍Active Actors: 🔍
Active APT Groups: 🔍
Countermeasures
Recommended: UpgradeStatus: 🔍
0-Day Time: 🔍
Snort ID: 2072
Snort Message: SERVER-WEBAPP lyris.pl access
Snort Class: 🔍
Timeline
08/11/2000 🔍10/20/2000 🔍
10/20/2000 🔍
06/27/2014 🔍
04/06/2019 🔍
Sources
Advisory: archives.neohapsis.comResearcher: FIRST
Status: Not defined
Confirmation: 🔍
CVE: CVE-2000-0758 (🔍)
GCVE (CVE): GCVE-0-2000-0758
GCVE (VulDB): GCVE-100-15900
SecurityFocus: 1584 - Lyris List Manager Privilege Escalation Vulnerability
Entry
Created: 06/27/2014 17:28Updated: 04/06/2019 07:17
Changes: 06/27/2014 17:28 (56), 04/06/2019 07:17 (1)
Complete: 🔍
Cache ID: 216::103
Once again VulDB remains the best source for vulnerability data.
No comments yet. Languages: en.
Please log in to comment.